Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255) Vulnerability Scan


Vulnerability Scan Summary
Checks for MS Hotfix Q323255, Unchecked Buffer in Windows Help facility

Detailed Explanation for this Vulnerability Test

Synopsis :

Arbitrary code can be executed on the remote host through the web client.

Description :

The remote host contains a version of the HTML Helpfacility ActiveX control
module which is vulnerable to a security flaw which may allow a possible hacker
to execute arbitrary code on the remote host by constructing a malicious
web page and entice a victim to visit this web page.

Solution :

Microsoft has released a set of patches for Windows NT, 2000 and XP :

http://www.microsoft.com/technet/security/bulletin/ms02-055.mspx

Threat Level:

High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.